The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.

Malicious KICS Docker tags and VS Code versions 1.17.0, 1.19.0 enabled data exfiltration, risking exposed infrastructure ...

Bitwarden CLI 2026.4.0 was compromised via GitHub Actions in Checkmarx campaign, exposing secrets and distributing malicious ...

The compromise of a version of Bitwarden's CLI is connected to the ongoing Checkmarx supply chain campaign, but differences in the operational methods of both incidents are making it difficult to ...

As supply-chain attacks against widely-used, open-source software repositories continue, experts are urging developers to not ...

AI Verified gives any registered business the machine-readable identity AI systems need to find and cite them — solving the ...

Today, many VDR providers are incorporating AI into their platforms, significantly expanding their core functionality.

Checkmarx suffers a second supply chain attack in a month, resulting in hackers injecting credential-stealing malware into ...

Two separate phishing campaigns are hitting organisations with Formbook, a long-running information stealer that continues to adapt its delivery methods to slip past traditional Windows defences. The ...

VectorCertain LLC today announced new validation results demonstrating that its SecureAgent platform successfully detected ...

How indirect prompt injection attacks on AI work - and 6 ways to shut them down ...

Node.js does not need more theatrical security output. It needs better developer workflow infrastructure. It needs tools that ...